A security vulnerability has been detected in code-projects Online Medicine Guide 1.0. This vulnerability affects unknown code of the file /cart/index.php. Such manipulation of the argument uname leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.
History

Fri, 05 Sep 2025 13:15:00 +0000

Type Values Removed Values Added
Description A vulnerability was found in code-projects Online Medicine Guide 1.0. It has been classified as critical. This affects an unknown part of the file /cart/index.php. The manipulation of the argument uname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. A security vulnerability has been detected in code-projects Online Medicine Guide 1.0. This vulnerability affects unknown code of the file /cart/index.php. Such manipulation of the argument uname leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.

Tue, 05 Aug 2025 15:00:00 +0000

Type Values Removed Values Added
First Time appeared Anisha
Anisha online Medicine Guide
CPEs cpe:2.3:a:anisha:online_medicine_guide:1.0:*:*:*:*:*:*:*
Vendors & Products Anisha
Anisha online Medicine Guide

Mon, 04 Aug 2025 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 04 Aug 2025 09:30:00 +0000

Type Values Removed Values Added
First Time appeared Code-projects
Code-projects online Medicine Guide
Vendors & Products Code-projects
Code-projects online Medicine Guide

Sun, 03 Aug 2025 04:15:00 +0000

Type Values Removed Values Added
Description A vulnerability was found in code-projects Online Medicine Guide 1.0. It has been classified as critical. This affects an unknown part of the file /cart/index.php. The manipulation of the argument uname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Title code-projects Online Medicine Guide index.php sql injection
Weaknesses CWE-74
CWE-89
References
Metrics cvssV2_0

{'score': 7.5, 'vector': 'AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 7.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2025-09-05T12:58:26.625Z

Reserved: 2025-08-02T06:50:11.910Z

Link: CVE-2025-8498

cve-icon Vulnrichment

Updated: 2025-08-04T17:46:13.865Z

cve-icon NVD

Status : Modified

Published: 2025-08-03T04:15:53.443

Modified: 2025-09-05T13:15:33.557

Link: CVE-2025-8498

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-08-04T09:24:17Z